226 matches found
CVE-2024-40480
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in Kashipara Online Exam System v1.0, which allows remote unauthenticated attackers to view administrator dashboard and delete valid user accounts via the direct URL access...
CVE-2024-40479
A SQL injection vulnerability in "/admin/quizquestion.php" in Kashipara Online Exam System v1.0 allows remote attackers to execute arbitrary SQL commands via the "eid" parameter...
CVE-2024-40478
A Stored Cross Site Scripting XSS vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "email" parameter fields...
CVE-2024-57370
Cross Site Scripting vulnerability in sunnygkp10 Online Exam System master version allows a remote attacker to obtain sensitive information via the w parameter...
CVE-2023-2697
A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /jurusan/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. It is possible to launch the...
CVE-2023-2642
A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. This affects an unknown part of the file adminpanel/admin/faceboxmodal/updateCourse.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possibl...
CVE-2023-2770
A vulnerability classified as critical was found in SourceCodester Online Exam System 1.0. This vulnerability affects unknown code of the file /kelasdosen/data. The manipulation of the argument columns1data leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...
CVE-2023-2693
A vulnerability was found in SourceCodester Online Exam System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /mahasiswa/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. The attack...
CVE-2023-2695
A vulnerability was found in SourceCodester Online Exam System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /kelas/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. The attack can be...
CVE-2023-2694
A vulnerability was found in SourceCodester Online Exam System 1.0. It has been classified as critical. This affects an unknown part of the file /dosen/data of the component POST Parameter Handler. The manipulation of the argument columns1data leads to sql injection. It is possible to initiate th...
CVE-2023-2771
A vulnerability, which was classified as critical, has been found in SourceCodester Online Exam System 1.0. This issue affects some unknown processing of the file /jurusanmatkul/data. The manipulation of the argument columns1data leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-28121
code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting XSS in feedback.php via the "q" parameter allowing remote attackers to execute arbitrary code...
CVE-2025-28087
Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...
CVE-2025-28087
Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...
CVE-2025-28087
Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...
CVE-2025-28087
CVE-2025-28087 affects Sourcecodester Online Exam System 1.0. The dash.php SQL injection vulnerability allows remote, unauthenticated access with high impact on confidentiality, integrity, and availability (CVSSv3.1: 9.8). ADP notes a PoC exploit is available; no patch/version remediation is spec...
PT-2025-13580 · Unknown · Sourcecodester Online Exam System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Online Exam System version 1.0 Description: The issue is related to SQL Injection via the dash.php file. This allows for potential exploitation. Recommendations: For Sourcecodester Online Exam System version 1.0, consider...
CVE-2025-28087
Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...
CVE-2025-28087
Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php...
Code-Projects Online Exam Mastering System 安全漏洞
Code-Projects Online Exam Mastering System is a Code-Projects open source online exam system. A security vulnerability exists in Code-Projects Online Exam Mastering System v1.0, which stems from an incorrect manipulation of the parameter fid that can lead to SQL injection...